commit | 642bc7590c701c8cd35a9f60fa899cfa518b17ff | |
---|---|---|
author | Armin Hasitzka <prince.cherusker@gmail.com> | Thu Nov 22 10:29:35 2018 +0000 |
committer | Armin Hasitzka <prince.cherusker@gmail.com> | Thu Nov 22 10:29:35 2018 +0000 |
tree | 68b81f822d593d8c6fb83abadae3fe2dc1106431 | |
parent | 81f43a9d36c977beadc8ece0b28ba13ba86484ba | |

[cff] Fix memory overflow.

Reported as

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9869
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10869

* src/cff/cffparse.c (destruct_t2s_item, cff_parser_run): Store evaluated T2 charstrings in separately allocated memory.